SandboxEscaper / New_0day_exploit

Related projects: ⓘ

• badd1e / Proof-of-Concept
  Not necessarily related to software bugs and exploits; this repo contains snippets of code that demonstrate some interesting functionalit…
  ☆33Updated 3 years ago
• invictus1306 / QuickPatch
  QuickPatch: A patching tool
  ☆12Updated 4 years ago
• establishingsecurity / trustzone-rootkit
  TrustZone or TreacheryZone? Giving a vendor more trust increases their power to abuse us surreptitiously.
  ☆14Updated 2 years ago
• zznop / bn-kallsyms
  Binary Ninja plugin for importing symbols to a kernel binary from /proc/kallsyms
  ☆19Updated 2 years ago
• MaherAzzouzi / BrowserExploitation
  Browser exploitation v8 and sandbox escape challenges with solutions.
  ☆26Updated 2 years ago
• jprx / PacmanKit
  An IOKit kext designed for microarchitectural security research on M1
  ☆26Updated last year
• thebabush / honggfuzz-qemu
  Ditto.
  ☆16Updated 4 years ago
• LIJI32 / SnatchBox
  SnatchBox (CVE-2020-27935) is a sandbox escape vulnerability and exploit affecting macOS up to version 10.15.x
  ☆30Updated 3 years ago
• darkmentorllc / publications
  ☆29Updated 8 months ago
• gamozolabs / aflbench
  An AFL scaling benchmarking tool
  ☆18Updated 4 years ago
• RKX1209 / CVE-2019-1010298
  Proof of Concept of TrustZone exploit
  ☆15Updated 5 years ago
• DimitriFourny / cve-2019-6207
  MacOS kernel memory leak (4 bytes)
  ☆29Updated 4 years ago
• akayn / PoCs
  ☆19Updated this week
• bazad / flow_divert-leak
  Kernel heap read buffer overflow on macOS/iOS requiring root.
  ☆10Updated 6 years ago
• JonathanSalwan / X-Tunnel-Opaque-Predicates
  IDA+Triton plugin in order to extract opaque predicates using a Forward-Bounded DSE. Example with X-Tunnel.
  ☆51Updated 5 years ago
• Vector35 / idb-import-plugin
  IDA Database Importer plugin for Binary Ninja
  ☆37Updated last week
• cellebrite-labs / PPLorer
  IDA plugin that resolves PPL calls to the actual underlying PPL function.
  ☆56Updated last year
• BjornRuytenberg / spiblock
  Configure SPI flash write protection.
  ☆23Updated 4 years ago
• maxpl0it / how2bss
  A repository teaching bss/data segment exploitation techniques.
  ☆12Updated 5 years ago
• riverloopsec / ninjadiff
  NinjaDiff is a binary diffing plugin for Binary Ninja. Read more on our blog, and contribute code & improvements!
  ☆57Updated 2 years ago
• DavidCatalan / fridacov
  JS modules for Frida based tools to add code coverage to your instrumentation scripts.
  ☆24Updated 5 years ago
• tenable / mIDA
  ☆33Updated last year
• NeatMonster / mclf-ghidra-loader
  Ghidra loader module for the Mobicore trustlet and driver binaries
  ☆27Updated 4 years ago
• andreafioraldi / idb2gdb
  Load function names from an IDA Pro database inside GDB
  ☆20Updated 5 years ago
• atxsinn3r / BinjaHLILDump
  Binary Ninja plugin that decompiles the whole binary and saves them in a directory.
  ☆20Updated last year
• bkerler / slides_and_papers
  Here be dragons. Or Slides. Or Papers. Or Nothing :)
  ☆30Updated 5 years ago
• grigoritchy / unshift-racy
  Webkit JavascriptCore Array unshift function had a race condition, it leads to RCE.
  ☆44Updated 9 months ago
• seemoo-lab / dtrace-memaccess_cve-2020-27949
  ☆35Updated 3 years ago
• bazad / ctl_ctloutput-leak
  CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.
  ☆28Updated 6 years ago
• borzacchiello / bncallgraph
  Binary Ninja Plugin for Generating Callgraphs
  ☆17Updated 2 years ago